SSH Proxy (how-to)
SSH Proxying is one of my every day tools. Sitting at work with a Barracuda firewall looking, snooping, and possibly blocking everything that I do. Hanging at a coffee shop when you see a suspicious person most likely snooping your information out of the air. In the first case I’m primarily just trying to get around a hurdle. In both cases I want my traffic encrypted and hidden from 3rd parties.
What is SSH Proxying?
This is a means of setting up a Secure Shell (SSH) and then piping your various web requests across this pipe or tunnel.
I’ve got 2 different SSH Proxies that I use daily.
Web Traffic – SSH Tunnel/Proxy:
ssh -CqN -D 8080 [username]@[hostname]
For above tunnel I’m using the following:
-D: bind port – in this case 8080 locally
-C: enables compression
-q: quiet mode (suppresses any warnings)
-N: don’t execute any remote commands
The -CqN are just some bells and whistles I use for the connection but not required. Please see below on configuring your browser to use the newly established SSH Tunnel.
Various other traffic (IRC, VNC, Torrent, etc…) – SSH Port Forwarding
ssh -L 6667:irc.[hostname]:6667 [username]@[hostname]
In this example, I’m binding a local port (-L 6667) to a remote boxes port (6667) through the server I have SSH’ed into. You can also add some of the bells and whistles from the web proxy to this one as well. Please see below for using this port forward with and IRC client.
Configuring the Browser:
The general idea (for Firefox) is to go to: Preferences –> Advanced –> Network –> Connection –> Settings. Select ‘Manual proxy configuration’. Set SOCKS Host: localhost Port: 8080. Click OK/Save and you should be good to go.
Here’s a screen shot of my settings:
